WordPress · The Bookster · CVE-2024-5071
Name of the Vulnerable Software and Affected Versions:
The Bookster WordPress plugin versions prior to 1.1.1
Description:
The issue allows attackers to manipulate the data sent when booking an appointment by adding sensitive parameters when validating appointments, potentially changing the status from pending to approved.
Recommendations:
For The Bookster WordPress plugin versions prior to 1.1.1, update to version 1.1.1 or later to resolve the issue.